subject:"Review Request 73807\: Support Ranger KMS integration with TencentKMS"

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-16 Thread Kirby Zhou



> On 二月 16, 2022, 12:36 p.m., Dhaval Shah wrote:
> > Still the same issue with pom.xml

Have you downloaded the latest version of patch?

Or we have different HEADs of master?


```
% git fetch --all
Fetching github

% git checkout github/master
HEAD is now at 5f8d001bc RANGER-3625: fixed incorrect LOG.isDebugEnabled() 
condition in RangerHiveAuthorizer

% curl 'https://reviews.apache.org/r/73807/diff/raw/' > xx.patch  
  % Total% Received % Xferd  Average Speed   TimeTime Time  Current
 Dload  Upload   Total   SpentLeft  Speed
100 42594  100 425940 0  18855  0  0:00:02  0:00:02 --:--:-- 18930

% sha1sum xx.patch 
529adbfd7f2097d49906c48d44ea1ee0daa11e18  xx.patch

% git apply --check  xx.patch

% echo $?
0

```


- Kirby


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224060
---


On 二月 16, 2022, 10:37 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated 二月 16, 2022, 10:37 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 8a19c2de42f4ae7acff3ee9b2e399b870ef406f3 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/8/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-16 Thread Dhaval Shah


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224060
---



Still the same issue with pom.xml

- Dhaval Shah


On Feb. 16, 2022, 10:37 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Feb. 16, 2022, 10:37 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 8a19c2de42f4ae7acff3ee9b2e399b870ef406f3 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/8/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-16 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 二月 16, 2022, 10:37 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
Velmurugan Periasamy.


Changes
---

I am sorry, I confused the patch version.


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 8a19c2de42f4ae7acff3ee9b2e399b870ef406f3 


Diff: https://reviews.apache.org/r/73807/diff/8/

Changes: https://reviews.apache.org/r/73807/diff/7-8/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-16 Thread Dhaval Shah


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224057
---



Facing conflict in pom.xml

git apply ~/Downloads/0001-add-TencentKMS-as-MasterKeyProvider.patch --check
error: patch failed: pom.xml:181
error: pom.xml: patch does not apply

- Dhaval Shah


On Feb. 15, 2022, 8:48 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Feb. 15, 2022, 8:48 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 8a19c2de42f4ae7acff3ee9b2e399b870ef406f3 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/7/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-15 Thread Kirby Zhou



> On 二月 15, 2022, 12:15 p.m., Dhaval Shah wrote:
> > Hi Kirby Zhou,
> > 
> > Facing PMD Violation issue.
> > 
> > [INFO] PMD version: 6.29.0
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:20 
> > Rule:UnusedImports Priority:4 Avoid unused imports such as 
> > 'com.microsoft.azure.keyvault.KeyVaultClient'.
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:45 
> > Rule:UnusedImports Priority:4 Avoid unused imports such as 
> > 'org.apache.commons.lang.StringUtils'.
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:55 
> > Rule:UnusedImports Priority:4 Avoid unused imports such as 
> > 'com.tencentcloudapi.kms.v20190118.KmsClient'.
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:80 
> > Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
> > 'AZURE_KEYVAULT_SSL_ENABLED'..
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:81 
> > Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
> > 'AZURE_CLIENT_ID'..
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:84 
> > Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
> > 'AZURE_KEYVAULT_CERTIFICATE_PATH'..
> > [INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:85 
> > Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
> > 'AZURE_KEYVAULT_CERTIFICATE_PASSWORD'..
> > 
> > 
> > Request ypu please upload the patch after successful build using command 
> > "mvn clean install"

% mvn clean install
...
[INFO] Reactor Summary for ranger 3.0.0-SNAPSHOT:
[INFO] 
[INFO] ranger . SUCCESS [  5.724 s]
...

[INFO] Apache Ranger Distribution . SUCCESS [01:07 min]
[INFO] 
[INFO] BUILD SUCCESS
[INFO] 
[INFO] Total time:  16:19 min
[INFO] Finished at: 2022-02-16T15:44:57+08:00
[INFO] 

is it OK?


- Kirby


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224050
---


On 二月 15, 2022, 8:48 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated 二月 15, 2022, 8:48 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-15 Thread Dhaval Shah


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224050
---



Hi Kirby Zhou,

Facing PMD Violation issue.

[INFO] PMD version: 6.29.0
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:20 
Rule:UnusedImports Priority:4 Avoid unused imports such as 
'com.microsoft.azure.keyvault.KeyVaultClient'.
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:45 
Rule:UnusedImports Priority:4 Avoid unused imports such as 
'org.apache.commons.lang.StringUtils'.
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:55 
Rule:UnusedImports Priority:4 Avoid unused imports such as 
'com.tencentcloudapi.kms.v20190118.KmsClient'.
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:80 
Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
'AZURE_KEYVAULT_SSL_ENABLED'..
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:81 
Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
'AZURE_CLIENT_ID'..
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:84 
Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
'AZURE_KEYVAULT_CERTIFICATE_PATH'..
[INFO] PMD Failure: org.apache.hadoop.crypto.key.RangerKeyStoreProvider:85 
Rule:UnusedPrivateField Priority:3 Avoid unused private fields such as 
'AZURE_KEYVAULT_CERTIFICATE_PASSWORD'..


Request ypu please upload the patch after successful build using command "mvn 
clean install"

- Dhaval Shah


On Feb. 15, 2022, 8:48 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Feb. 15, 2022, 8:48 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-15 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 二月 15, 2022, 8:48 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
Velmurugan Periasamy.


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 983a43e5938ecc6a02e918f587d7a8913678087e 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 7a4f98df7a2244a2ae4158b32b047d77db01b0f2 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 8a19c2de42f4ae7acff3ee9b2e399b870ef406f3 


Diff: https://reviews.apache.org/r/73807/diff/6/

Changes: https://reviews.apache.org/r/73807/diff/5-6/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-14 Thread Dhaval Shah


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224047
---



Hi Kirby Zhou,

I am facing below issue for pom.xml while applying patch.

git apply ~/Downloads/0001-add-TencentKMS-as-MasterKeyProvider.patch --check
error: patch failed: pom.xml:181
error: pom.xml: patch does not apply

Can you please check and update accordingly. Further I will merge the patch in 
master branch.

Thanks

- Dhaval Shah


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-10 Thread bhavik patel



> On Feb. 10, 2022, 7:52 a.m., Mateen Mansoori wrote:
> > Hi Kirby Zhou, Looks like this will take some more time to be checked in so 
> > created this - https://issues.apache.org/jira/browse/RANGER-3613 for 
> > keystore initialization issue when HSM(Luna) is enabled.
> 
> Kirby Zhou wrote:
> Your patch of RangerKeyStoreProvider.java seems fine, It is a similar 
> solution of fix in my patch. 
> But there are some conflicts of code-merger between us.
> 
> 
> :-(

Mateen Mansoori: this patch we can merge as It’s already had two ship-it and we 
can avoid conflict


- bhavik


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224029
---


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-09 Thread Mateen Mansoori


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224029
---



Hi Kirby Zhou, Looks like this will take some more time to be checked in so 
created this - https://issues.apache.org/jira/browse/RANGER-3613 for keystore 
initialization issue when HSM(Luna) is enabled.

- Mateen Mansoori


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-08 Thread bhavik patel


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224027
---


Ship it!




Ship It!

- bhavik patel


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-08 Thread Dhaval Shah


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review224026
---


Ship it!




Ship It!

- Dhaval Shah


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-02-08 Thread Dhaval Shah



> On Jan. 19, 2022, 7:56 a.m., bhavik patel wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
> > Line 36 (original), 37 (patched)
> > 
> >
> > is it better option to upadate the class name to RangerAzure*?
> > @dhavalshah any thought on this?
> 
> Kirby Zhou wrote:
> KeyVault looks like a gerneral name, so I think should add “Azure" here.
> 
> Kirby Zhou wrote:
> @dhavalshah ?
> Any idea?

Its fine.


- Dhaval


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review223972
---


On Jan. 29, 2022, 9:53 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 29, 2022, 9:53 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
> Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
> Velmurugan Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/5/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-29 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 29, 2022, 9:53 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mateen Mansoori, Mehul 
Parikh, Pradeep Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and 
Velmurugan Periasamy.


Changes
---

sync to master/HEAD


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 33d754b491c166cc781338b6530b8a0b9623529e 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 35fbe8a9d94eb156e3510b5b611e5ce329ad8af5 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 5982ace7d0acf16e63809aef7914819a0f908df6 


Diff: https://reviews.apache.org/r/73807/diff/5/

Changes: https://reviews.apache.org/r/73807/diff/4-5/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-24 Thread Kirby Zhou



> On 一月 19, 2022, 7:56 a.m., bhavik patel wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
> > Line 36 (original), 37 (patched)
> > 
> >
> > is it better option to upadate the class name to RangerAzure*?
> > @dhavalshah any thought on this?
> 
> Kirby Zhou wrote:
> KeyVault looks like a gerneral name, so I think should add “Azure" here.

@dhavalshah ?
Any idea?


- Kirby


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review223972
---


On 一月 20, 2022, 3:29 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated 一月 20, 2022, 3:29 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerGoogleCloudHSMProvider.java
>  666a8c38faa157a79c3c3e3dd00050978b7681da 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 13f9bfdc5a88ffdf8d3502605831059fbb9ad4cc 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/4/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-19 Thread bhavik patel



> On Jan. 19, 2022, 7:56 a.m., bhavik patel wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java
> > Lines 26 (patched)
> > 
> >
> > please use slf4j logger factory
> 
> Kirby Zhou wrote:
> I fixed it with 0002-.patch
> 
> Should I merge the 2 patches into 1?

Yes please merge.
Here at review board we have to upload final single patch.


> On Jan. 19, 2022, 7:56 a.m., bhavik patel wrote:
> > pom.xml
> > Lines 242 (patched)
> > 
> >
> > Make sure this Doesn’t pull the any extra and vulnerable jar files
> 
> Kirby Zhou wrote:
> % mvn dependency:tree -Dverbose -f tencentcloud-sdk-java-3.1.322.pom 
> ...
> [INFO] com.tencentcloudapi:tencentcloud-sdk-java:jar:3.1.322
> [INFO] +- commons-logging:commons-logging:jar:1.2:compile
> [INFO] +- com.squareup.okio:okio:jar:1.12.0:compile
> [INFO] +- com.squareup.okhttp:okhttp:jar:2.7.5:compile
> [INFO] |  - (com.squareup.okio:okio:jar:1.6.0:compile - omitted for 
> conflict with 1.12.0)
> [INFO] +- com.google.code.gson:gson:jar:2.2.4:compile
> [INFO] +- javax.xml.bind:jaxb-api:jar:2.3.0:compile
> [INFO] +- com.squareup.okhttp:logging-interceptor:jar:2.7.5:compile
> [INFO] |  - (com.squareup.okhttp:okhttp:jar:2.7.5:compile - omitted for 
> duplicate)
> [INFO] - org.ini4j:ini4j:jar:0.5.4:compile
> ...
> 
> Is it ok?

Yes. I just want to make sure we are not fetching any vulnerable dependencies.


- bhavik


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review223972
---


On Jan. 20, 2022, 3:29 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 20, 2022, 3:29 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-19 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 20, 2022, 3:29 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Changes
---

simplify code and fix typo


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerGoogleCloudHSMProvider.java
 666a8c38faa157a79c3c3e3dd00050978b7681da 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 13f9bfdc5a88ffdf8d3502605831059fbb9ad4cc 


Diff: https://reviews.apache.org/r/73807/diff/4/

Changes: https://reviews.apache.org/r/73807/diff/3-4/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments (updated)


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-19 Thread Kirby Zhou



> On 一月 19, 2022, 7:56 a.m., bhavik patel wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
> > Line 36 (original), 37 (patched)
> > 
> >
> > is it better option to upadate the class name to RangerAzure*?
> > @dhavalshah any thought on this?

KeyVault looks like a gerneral name, so I think should add “Azure" here.


> On 一月 19, 2022, 7:56 a.m., bhavik patel wrote:
> > kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java
> > Lines 26 (patched)
> > 
> >
> > please use slf4j logger factory

I fixed it with 0002-.patch

Should I merge the 2 patches into 1?


> On 一月 19, 2022, 7:56 a.m., bhavik patel wrote:
> > pom.xml
> > Lines 242 (patched)
> > 
> >
> > Make sure this Doesn’t pull the any extra and vulnerable jar files

% mvn dependency:tree -Dverbose -f tencentcloud-sdk-java-3.1.322.pom 
...
[INFO] com.tencentcloudapi:tencentcloud-sdk-java:jar:3.1.322
[INFO] +- commons-logging:commons-logging:jar:1.2:compile
[INFO] +- com.squareup.okio:okio:jar:1.12.0:compile
[INFO] +- com.squareup.okhttp:okhttp:jar:2.7.5:compile
[INFO] |  - (com.squareup.okio:okio:jar:1.6.0:compile - omitted for conflict 
with 1.12.0)
[INFO] +- com.google.code.gson:gson:jar:2.2.4:compile
[INFO] +- javax.xml.bind:jaxb-api:jar:2.3.0:compile
[INFO] +- com.squareup.okhttp:logging-interceptor:jar:2.7.5:compile
[INFO] |  - (com.squareup.okhttp:okhttp:jar:2.7.5:compile - omitted for 
duplicate)
[INFO] - org.ini4j:ini4j:jar:0.5.4:compile
...

Is it ok?


- Kirby


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review223972
---


On 一月 19, 2022, 10:40 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated 一月 19, 2022, 10:40 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-19 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 19, 2022, 10:40 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Changes
---

switch-from-log4j-to-slf4j


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 13f9bfdc5a88ffdf8d3502605831059fbb9ad4cc 


Diff: https://reviews.apache.org/r/73807/diff/3/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments (updated)


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
0002-switch-from-log4j-to-slf4j.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/2f5c0202-c13f-420e-926a-61728f8b041e__0002-switch-from-log4j-to-slf4j.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-18 Thread bhavik patel


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/#review223972
---




kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
Line 36 (original), 37 (patched)


is it better option to upadate the class name to RangerAzure*?
@dhavalshah any thought on this?



kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java
Lines 26 (patched)


please use slf4j logger factory



pom.xml
Lines 242 (patched)


Make sure this Doesn’t pull the any extra and vulnerable jar files


- bhavik patel


On Jan. 19, 2022, 3:55 a.m., Kirby Zhou wrote:
> 
> ---
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73807/
> ---
> 
> (Updated Jan. 19, 2022, 3:55 a.m.)
> 
> 
> Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
> Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
> Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan 
> Periasamy.
> 
> 
> Bugs: RANGER-3580
> https://issues.apache.org/jira/browse/RANGER-3580
> 
> 
> Repository: ranger
> 
> 
> Description
> ---
> 
> Ranger KMS integration with TencentKMS
> - This task is to integrate the RANGER KMS Service with TencentKMS.
> - To Configure RANGER KMS Service with TencentKMS below configurations need 
> to be added in install.properties file bfore running the setup.sh
> 
> ```
> # Do you use Tencent Cloud KMS? 
> TENCENT_KMS_ENABLED=true 
> # MasterKeyID on Tencent Cloud
> TENCENT_MASTERKEY_ID=YourKeyID
> # Login ID
> TENCENT_CLIENT_ID=YourClientLoginId
> # Login password
> TENCENT_CLIENT_SECRET=YourClientLoginSecret
> # Tencent Cloud area, see Tencent Cloud SDK for details. 
> TENCENT_CLIENT_REGION=ap-beijing
> ```
> 
> Run the setup.sh, It will add the below configs in dbks-site.xml
> ```
> 
> 
> ranger.kms.tencentkms.enabled
> false
> Flag for Tencent KMS
> 
> 
> ranger.kms.tencent.client.id
> 
> Tencent Client Id
> 
> 
> ranger.kms.tencent.client.secret
> 
> Tencent Client Secret
> 
> 
> ranger.kms.tencent.client.secret.alias
> ranger.ks.tencent.client.secret
> Tencent Client Secret Alias
> 
> 
> ranger.kms.tencent.client.region
> ap-beijing
> Tencent Client Id
> 
> 
> ranger.kms.tencent.masterkey.id
> 
> Tencent master key name
> 
> 
> ```
> 
> Generally, we don't want the account bound by KMS to have the right to create 
> a Key in TencentKMS. So we have to create Master Key on TencentKMS web 
> console at first.
> Start the kms service, On start Master Key from TencentKMS should be used.
> 
> 
> Diffs
> -
> 
>   distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
>   kms/config/kms-webapp/dbks-site.xml 
> 07de4d494b5d72609b47752109fc40a9e016f6ab 
>   kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
>   kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
>   kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
>  f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
>   kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
> bacc928570283708daef7a2573707fddd7ca096e 
>   kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
> 4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
> 5234dc7422793b3b88dcc4574fafcf34556fa33f 
>   kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
> 74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java
>  c661268c3c25362e428884a3bb34d88d827e7f31 
>   
> kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
> PRE-CREATION 
>   pom.xml 13f9bfdc5a88ffdf8d3502605831059fbb9ad4cc 
> 
> 
> Diff: https://reviews.apache.org/r/73807/diff/3/
> 
> 
> Testing
> ---
> 
> + mvn clean compile test verify 
> + Fresh setup
> 
> 
> File Attachments
> 
> 
> 0001-add-TencentKMS-as-MasterKeyProvider.patch
>   
> https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch
> 
> 
> Thanks,
> 
> Kirby Zhou
> 
>

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-18 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 19, 2022, 3:55 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Changes
---

merge with master-HEAD


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 8350403c76cd3f5a6d80e263f54b766dcf6e62e4 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 f96cbb7561b2c1a29b7f42c9fb3ed810b05b5054 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
5234dc7422793b3b88dcc4574fafcf34556fa33f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
74c54a7a6f50878ce0f226d72a5e2c5554a0d4e5 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
c661268c3c25362e428884a3bb34d88d827e7f31 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  pom.xml 13f9bfdc5a88ffdf8d3502605831059fbb9ad4cc 


Diff: https://reviews.apache.org/r/73807/diff/3/

Changes: https://reviews.apache.org/r/73807/diff/2-3/


Testing
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-18 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 19, 2022, 3:30 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 908e8841a4a8c0627622d35486ffe2dac7bbdc61 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 19335893a4d875743fcf71b12124b1c40a4ee6e1 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
12d485a36423d1c25a3b59cc8436e0a40863a78f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
bd85c0d364ad06691a0f5d8f19b5124189261db3 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
d21d32320bbd32e4efbe83c701d11c94dc804765 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  kms/src/main/resources/log4j.properties 
5cd037a49c670a3a0eec9e85fdcafeeeabff1405 
  pom.xml c663937eba452321b4e2400cc6d3f528f74596de 


Diff: https://reviews.apache.org/r/73807/diff/2/


Testing (updated)
---

+ mvn clean compile test verify 
+ Fresh setup


File Attachments


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-18 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

(Updated 一月 19, 2022, 3:09 a.m.)


Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs (updated)
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 908e8841a4a8c0627622d35486ffe2dac7bbdc61 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 19335893a4d875743fcf71b12124b1c40a4ee6e1 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
12d485a36423d1c25a3b59cc8436e0a40863a78f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
bd85c0d364ad06691a0f5d8f19b5124189261db3 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
d21d32320bbd32e4efbe83c701d11c94dc804765 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerTencentKMSProvider.java 
PRE-CREATION 
  kms/src/main/resources/log4j.properties 
5cd037a49c670a3a0eec9e85fdcafeeeabff1405 
  pom.xml c663937eba452321b4e2400cc6d3f528f74596de 


Diff: https://reviews.apache.org/r/73807/diff/2/

Changes: https://reviews.apache.org/r/73807/diff/1-2/


Testing
---


File Attachments (updated)


0001-add-TencentKMS-as-MasterKeyProvider.patch
  
https://reviews.apache.org/media/uploaded/files/2022/01/19/c0ec963d-95f0-4e77-823d-b7de9d5d54e6__0001-add-TencentKMS-as-MasterKeyProvider.patch


Thanks,

Kirby Zhou

Review Request 73807: Support Ranger KMS integration with TencentKMS

2022-01-18 Thread Kirby Zhou


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73807/
---

Review request for ranger, Dhaval Shah, Dineshkumar Yadav, Gautam Borad, 
Jayendra Parab, Kishor Gollapalliwar, Abhay Kulkarni, Mehul Parikh, Pradeep 
Agrawal, VaradreawiZTV VaradreawiZTV, Vishal Suvagia, and Velmurugan Periasamy.


Bugs: RANGER-3580
https://issues.apache.org/jira/browse/RANGER-3580


Repository: ranger


Description
---

Ranger KMS integration with TencentKMS
- This task is to integrate the RANGER KMS Service with TencentKMS.
- To Configure RANGER KMS Service with TencentKMS below configurations need to 
be added in install.properties file bfore running the setup.sh

```
# Do you use Tencent Cloud KMS? 
TENCENT_KMS_ENABLED=true 
# MasterKeyID on Tencent Cloud
TENCENT_MASTERKEY_ID=YourKeyID
# Login ID
TENCENT_CLIENT_ID=YourClientLoginId
# Login password
TENCENT_CLIENT_SECRET=YourClientLoginSecret
# Tencent Cloud area, see Tencent Cloud SDK for details. 
TENCENT_CLIENT_REGION=ap-beijing
```

Run the setup.sh, It will add the below configs in dbks-site.xml
```


ranger.kms.tencentkms.enabled
false
Flag for Tencent KMS


ranger.kms.tencent.client.id

Tencent Client Id


ranger.kms.tencent.client.secret

Tencent Client Secret


ranger.kms.tencent.client.secret.alias
ranger.ks.tencent.client.secret
Tencent Client Secret Alias


ranger.kms.tencent.client.region
ap-beijing
Tencent Client Id


ranger.kms.tencent.masterkey.id

Tencent master key name


```

Generally, we don't want the account bound by KMS to have the right to create a 
Key in TencentKMS. So we have to create Master Key on TencentKMS web console at 
first.
Start the kms service, On start Master Key from TencentKMS should be used.


Diffs
-

  distro/src/main/assembly/kms.xml 32bbefa44e372f3abb41d60cd35aa0d706ca3100 
  kms/config/kms-webapp/dbks-site.xml 07de4d494b5d72609b47752109fc40a9e016f6ab 
  kms/pom.xml 908e8841a4a8c0627622d35486ffe2dac7bbdc61 
  kms/scripts/install.properties 31143d3426565a338c308dc1a7ea8304f3f4e102 
  kms/scripts/setup.sh 2051df59a8bb0be11ba7a54e547f78cf5a0dca36 
  
kms/src/main/java/org/apache/hadoop/crypto/key/AzureKeyVaultClientAuthenticator.java
 19335893a4d875743fcf71b12124b1c40a4ee6e1 
  kms/src/main/java/org/apache/hadoop/crypto/key/DBToAzureKeyVault.java 
bacc928570283708daef7a2573707fddd7ca096e 
  kms/src/main/java/org/apache/hadoop/crypto/key/JKS2RangerUtil.java 
4324439ba66f9f0fb68d570f1964ed6caa8c07bd 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStore.java 
12d485a36423d1c25a3b59cc8436e0a40863a78f 
  kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyStoreProvider.java 
bd85c0d364ad06691a0f5d8f19b5124189261db3 
  
kms/src/main/java/org/apache/hadoop/crypto/key/RangerKeyVaultKeyGenerator.java 
d21d32320bbd32e4efbe83c701d11c94dc804765 
  
kms/src/main/java/org/apache/hadoop/crypto/key/TencentKMSZoneKeyGenerator.java 
PRE-CREATION 
  kms/src/main/resources/log4j.properties 
5cd037a49c670a3a0eec9e85fdcafeeeabff1405 
  pom.xml c663937eba452321b4e2400cc6d3f528f74596de 


Diff: https://reviews.apache.org/r/73807/diff/1/


Testing
---


Thanks,

Kirby Zhou

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Re: Review Request 73807: Support Ranger KMS integration with TencentKMS

Review Request 73807: Support Ranger KMS integration with TencentKMS

24 matches

Site Navigation

Mail list logo

Footer information